Vulnerabilities > Jetbrains

DATE	CVE	VULNERABILITY TITLE	RISK
2024-05-29	CVE-2024-36370	Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was possible network low complexity jetbrains CWE-79	5.4
2024-05-29	CVE-2024-36371	Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.05.6, 2023.11.5 stored XSS in Commit status publisher was possible network low complexity jetbrains CWE-79	5.4
2024-05-29	CVE-2024-36372	Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.05.6 reflected XSS on the subscriptions page was possible network low complexity jetbrains CWE-79	6.1
2024-05-29	CVE-2024-36373	Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible network low complexity jetbrains CWE-79	5.4
2024-05-29	CVE-2024-36374	Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03.2 stored XSS via build step settings was possible network low complexity jetbrains CWE-79	5.4
2024-05-29	CVE-2024-36375	Information Exposure Through an Error Message vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03.2 technical information regarding TeamCity server could be exposed network low complexity jetbrains CWE-209	5.3
2024-05-29	CVE-2024-36376	Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03.2 users could perform actions that should not be available to them based on their permissions network low complexity jetbrains CWE-863	8.1
2024-05-29	CVE-2024-36377	Missing Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03.2 certain TeamCity API endpoints did not check user permissions network low complexity jetbrains CWE-862	8.1
2024-05-29	CVE-2024-36378	Allocation of Resources Without Limits or Throttling vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03.2 server was susceptible to DoS attacks with incorrect auth tokens network low complexity jetbrains CWE-770	7.5
2024-05-29	CVE-2024-36470	Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 authentication bypass was possible in specific edge cases network low complexity jetbrains CWE-306 critical	9.8

Vulnerabilities > Jetbrains {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jetbrains"}]}

Vulnerabilities > Jetbrains